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DETAILED ACTION 

1 . This office action is responding to the application received on 12/13/2000. 

2. Claims 1-23 are pending. 

Claim Rejections - 35 USC §112 

3. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

4. Claim 1 recites the limitation "active agent" in "the first key management 
component transmitting the first key management component public key to the active 
agent computing platform over a secure channel". There is insufficient antecedent 
basis for this limitation in the claim. Examiner confuses on whether the "active agent" is 
referring to first active agent, second active agent, or a third. Examiner assumes the 
applicant meant the second active agent. Appropriate correction is necessary. 



Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
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only if the international application designated the United States and was published under Article 21 (2) 
of such treaty in the English language. 

6. Claims 1-3, 5, 7, 9-12, 14, 16, and 18-23 are rejected under 35 U.S.C. 102(e) as 
being anticipated by Sasaki et al, US Patent No. 6351536, hereinafter "Sasaki". 

7. As per claim 1 , Sasaki teaches "A method of encrypting an object, comprising the 
steps of: a first active agent initiating the first key management component generating a 
first key management component public key/first key management component private 
key pair (Col 10 lines 14-17); loading an object encryption component; loading an object 
decryption component; creating a correlation table; a second active agent transmitting 
an encrypt object request to the first key management component (Col 3 lines 22-26, 
Col 9 lines 25-31); the first key management component transmitting an object 
encryption component to the second active agent computing platform over a secure 
channel (Col 9 lines 40-44); the first key management component transmitting the first 
key management component public key to the active agent computing platform over a 
secure channel (Col 9 lines 40-44); the object encryption component generating a 
symmetric key (Col 10 lines 5-9); the object encryption component encrypting a clear 
text object with the symmetric key (Col 9 lines 32-34); the object encryption component 
encrypting the symmetric key with the first key management component public key (Col 
7 lines 50-59); the object encryption component creating an association between the 
encrypted symmetric key and the cipher text object (Col 2 lines 14-17 and Col 7 lines 
50-59); the object encryption component transmitting the encrypted symmetric key to 
the first key management component or to a second key management component 
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having the first key management component private key (Col 7 lines 12-35) ; the object 
encryption component transmitting the association to the key management component 
having received the encrypted symmetric key (Col 7 lines 12-35); and, the key 
management component having received the association entering the association into 
the correlation table (Col 17 lines 18-23). 

8. As per claim 3, Sasaki teaches "The method of claim 1 , wherein the first key 
management component public key/first key management component private key pair is 
generated using an encryption algorithm selected from the group consisting of ECC and 
RSA (Col 10 lines 14-17). 

9. As per claims 5 and 14, Sasaki teaches "The method of claims 1 and 14, wherein 
the object encryption/decryption component is installed on a browser" in (Col 2 line 64 
thru Col 3 line 4). 

10. As per claims 7 and 16, Sasaki teaches "The method of claims 5 and 14, wherein 
the object encryption component is implemented as a Java. R ™' applet" in (Col 9 lines 
25-31). 

11. As per claims 9 and 18, Sasaki teaches "The method of claims 1 and 18, wherein 
the object encryption component is comprised of a symmetric encryption algorithm 
selected from the group consisting of IDEA, DES, Blowfish, RC4, RC2, SAFER, and 
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AES" in (Col 7 lines 57-59). 
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12. As per claim 10, Sasaki teaches "A method of decrypting an object, comprising 
the steps of: an active agent transmitting a decrypt object request to the key 
management component (Col 14 lines 20-26); the key management component 
retrieving a cipher text object symmetric key from a correlation table (Col 8 lines 35-39); 
the key management component decrypting cipher text object symmetric key with the 
key management component private key (Col 7 line 66 thru Col 8 line 3); the key 
management component transmitting the object decryption component to the active 
agent computing platform over a secure channel (Col 14 lines 20-26); the key 
management component transmitting the cipher text object symmetric key to the active 
agent computing platform over a secure channel (Col 13 lines 58-67 and Col 14 lines 
20-26); and the object decryption component decrypting the cipher text object with the 
cipher text object symmetric key (Col 13 lines 64-67). 

13. As per claims 2 and 19, Sasaki teaches "A method of encrypting an object, 
comprising: under control of a first encryption server system, generating a public/private 
key pair for an encryption server system (Col 10 lines 14-17); under control of a client 
system, requesting an encryption program from an encryption server system (Col 3 
lines 22-26, and Col 9 lines 25-31); requesting a server public key from an encryption 
server system (Col 3 lines 22-26, and Col 9 lines 25-31); under the control of an 
encryption server system, transmitting an encryption program to a client system over a 
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secure channel (Col 9 lines 40-44); transmitting a server public key to a client system 
over a secure channel (Col 9 lines 40-44); under control of a client system, receiving an 
encryption program from an encryption server system over a secure channel (Col 9 
lines 40-44); receiving a server public key from an encryption server system over a 
secure channel (Col 9 lines 40-44); installing an encryption program on a client system; 
running an encryption program on a client system to generate a symmetric key (Col 10 
lines 5-9); encrypting a clear text object with a symmetric key, thereby creating a cipher 
text object (Col 9 lines 32-34); creating a relationship between a cipher text object and a 
symmetric key; encrypting symmetric key with an encryption server public key, thereby 
creating an encrypted symmetric key (Col 7 lines 50-59); creating a relationship 
between a cipher text object and an encrypted symmetric key (Col 2 lines 14-17 and Col 
7 lines 50-59); transmitting a cipher text object to an encryption server system; 
transmitting an encrypted symmetric key to an encryption server system; transmitting 
the relationship between a cipher text object and an encrypted symmetric key to an 
encryption server system (Col 7 lines 57-59 and Col 7 lines 12-35); under the control of 
an encryption server system, storing a cipher text object in a storage medium; storing 
an encrypted symmetric key in a storage medium (Col 7 lines 25-29); and storing the 
relationship between a cipher text object and an encrypted symmetric key in a storage 
medium (Col 17 lines 18-23). 

14. As per claims 11-12, and 21 , Sasaki teaches "An encryption system for 
transparent key management object encryption, comprising: an encryption server 
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system and a client system; an encryption server system, using the first entry in a 
correlation table to retrieve an encrypted symmetric key (Col 8 lines 35-39); decrypting 
a symmetric key using an encryption server system private key, thereby creating a 
decrypted symmetric key (Col 7 line 66 thru Col 8 line 3); inserting a symmetric key into 
a decryption program; sending a decryption program to a client system over a secure 
channel (Col 13 lines 58-67 and Col 14 lines 20-26); sending a cipher text object to a 
client system (Col 13 lines 55-57); under control of a client system, requesting a cipher 
text object from a server (Col 13 lines 55-57); under control of an encryption server 
system, installing a decryption program on a client system (Col 14 lines 20-31); and, 
decrypting a cipher text object using a decryption program, thereby creating a clear text 
object (Col 13 lines 64-67). 

1 5. As per claim 22, Sasaki teaches " An encryption system for transparent key 
management object encryption, comprising: an encryption server system and a client 
system; under control of an encryption server system, generating a symmetric key (Col 
13 lines 39-43); encrypting a clear text object with a symmetric key, thereby creating a 
cipher text object (Col 9 lines 32-34); inserting a symmetric key into a decryption 
program; sending a decryption program to a client system over a secure channel (Col 
13 lines 58-67 and Col 14 lines 20-26); sending a cipher text object to a client system 
(Col 13 lines 55-57); under control of a client system, requesting a clear text object from 
a server (Col 13 lines 55-57); installing a decryption program on a client system (Col 14 
lines 20-31); and, decrypting a cipher text object using a decryption program, thereby 
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creating a clear text object (Col 13 lines 64-67). 

1 6. As per claims 20 and 23, Sasaki teaches "An encryption system for transparent 
key management object encryption, comprising: an encryption server system and a 
client system; an encryption server system, generating a public/private key pair for an 
encryption server system (Col 13 lines 39-43); transmitting an encryption program to a 
client system over a secure channel (Col 9 lines 40-44); transmitting a server public key 
to a client system over a secure channel (Col 9 lines 40-44); storing a cipher text object 
in a storage medium; storing an encrypted symmetric key in a storage medium; storing 
the relationship created between a cipher text object and an encrypted symmetric key in 
a storage medium (Col 7 lines 25-29); using the first entry in a correlation table to 
retrieve an encrypted symmetric key (Col 8 lines 35-39); decrypting a symmetric key 
using an encryption server system private key, thereby creating a decrypted symmetric 
key (Col 7 line 66 thru Col 8 line 3); inserting an encrypted symmetric key into a 
decryption program; sending a decryption program to a client system over a secure 
channel (Col 13 lines 58-67 and Col 14 lines 20-26); sending a cipher text object to a 
client system (Col 13 lines 55-57); decrypting an encrypted symmetric key using an 
encryption server system private key, thereby creating a decrypted symmetric key (Col 
7 line 66 thru Col 8 line 3); sending a cipher text object to a client system (Col 13 lines 
55-57); generating a symmetric key (Col 13 lines 39-43); encrypting a clear text object 
with a symmetric key, thereby creating a cipher text object (Col 13 lines 47-49); a client 
system, requesting an encryption program from an encryption server system (Col 3 



Application/Control Number: 09/996,283 Page 9 

Art Unit: 2135 

lines 22-26 and Col 9 lines 25-31); requesting a server public key from an encryption 
server system (Col 10 lines 14-17); receiving an encryption program from encryption 
server system over a secure connection (Col 9 lines 40-44); receiving a server public 
key from an encryption server system over a secure channel Col 9 lines 40-44); 
installing an encryption program on a client system (Col 10 lines 5-9); running an 
encryption program on a client system to generate a symmetric key (Col 10 lines 5-9); 
encrypting a clear text object with a symmetric key, thereby creating a cipher text object 
(Col 9 lines 32-34); creating a relationship between a cipher text object and a symmetric 
key (Col 2 lines 14-17); encrypting symmetric key with an encryption server public key, 
thereby creating an encrypted symmetric key (Col 7 lines 50-59); creating a relationship 
between a cipher text object and an encrypted symmetric key (Col 2 lines 14-17; col 7 
lines 50-59); transmitting an object encrypted with a symmetric key from a client system 
to an encryption server system (Col 7 lines 57-59); transmitting a symmetric key 
encrypted with a server public key from a client system to a encryption server system 
(Col 7 lines 57-59); transmitting the relationship between a cipher text object and an 
encrypted symmetric key to an encryption server system (Col 9 lines 32-35 and Col 7 
lines 57-59); requesting a cipher text object from a server (Col 13 lines 55-57); installing 
a decryption program on a client system (Col 14 lines 20-31); and, decrypting a cipher 
text object using a decryption program, thereby creating a clear text object; and, 
requesting a clear text object from a server (Col 13 lines 64-67). 
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Claim Rejections - 35 USC § 103 

17. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

18. Claims 4, 6, 8, 13, 15, and 17 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Sasaki. 

19. As per claims 4 and 13, Sasaki teaches "The method of claims 1 and 10". 
However, Sasaki is silent on "the secure channel is an SSL channel". Nevertheless, 
Sasaki teaches an encrypted communication between the client's browser and the 
server in (Col 9 lines 40-44). Therefore, it would have been obvious at the time of the 
invention was made for one having ordinary skill in the art that the encrypted 
communication can be interpreted as SSL communication. It is well know that the 
encrypted communication between the client's browser and the server is provided by 
the SSL protocol. 

20. As per claims 6 and 15, Sasaki teaches "The method of claims 5 and 14 and a 
web browser" in (Col 3 lines 3-25). However, Sasaki is silent on "wherein the browser is 
the Internet Explorer™, or the Navigator. RTM ". Nevetheless, it would have been obvious 
at the time of the invention was made for one having ordinary skill in the art to realize 
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that the Internet Explore or the Navigator is well know to be the most popular web 
browser. 

21 . As per claims 8 and 17, Sasaki teaches "The method of claims 5 and 14 wherein 
the browser is the Internet Explorer.TM. and the object encryption component is 
implemented". However, Sasaki is silent on " wherein the browser is the Internet 
Explorer.TM. and the object encryption component is implemented as an Active X.TM. 
controf. Nevertheless, Sasaki teaches of implementing the Java encryption applet in 
(Col 9 lines 25-31 ). Therefore, it would have obvious at the time of the invention was 
made for one having ordinary skill in the art that the Java encryption applet is well know 
to be an Active X.™ control. 

Double Patenting 

22. The nonstatutory double patenting rejection is based on a judicially created 
doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. See In re Goodman, 1 1 
F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 

USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 
1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and, In re Thorington, 
418 F.2d 528, 163 USPQ 644 (CCPA 1969). 
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23. A timely filed terminal disclaimer in compliance with 37 CFR 1 .321 (c) may be 
used to overcome an actual or provisional rejection based on a nonstatutory double 
patenting ground provided the conflicting application or patent is shown to be commonly 
owned with this application. See 37 CFR 1 .130(b). 

24. Effective January 1 , 1994, a registered attorney or agent of record may sign a 
terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 
37 CFR 3.73(b). 

25. Claims 1-30 of the copending application No. 09735875, hereinafter '875, 
contain every element of claims 1-23 of the instant application No. 09735875, 
hereinafter '283, and as such anticipate(s) claims 1-23 of the instant application. 

"A later patent claim is not patentably distinct from an earlier patent claim if the later 
claim is obvious over, or anticipated by, the earlier claim. In re Lonqi . 759 F.2d at 896, 
225 USPQ at 651 (affirming a holding of obviousness-type double patenting because 
the claims at issue were obvious over claims in four prior art patents); In re Berg . 140 
F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness- 
type double patenting where a patent application claim to a genus is anticipated by a 
patent claim to a species within that genus). " ELI LILLY AND COMPANY v BARR 
LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON 
PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001 ). 



26. The following list of claims in '283 are teaching in the copending application 
'875: 

'283 '875 
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1-3, 9, 18-19 



1,5-6, 8-13,21,24-26 



4, 13 



2 



5, 7-8, 16-17 



3, 15, 18,21 



6, 15 



4, 16, 19, 22 



10-12,21 



14, 17, 23, 28 



14,22 



29 



20,23 



7, 20, 27, 30 



In detail: 

27. Regarding claims 19 as exemplary in '283 and claims 1 in '875, recite an 
encryption method, and a system for sharing documents, comprising: 
"under control of a first encryption server system, generating a public/private key pair for 
an encryption server system;" in '283 

"under control of an encryption server system, generating a ECC public/private 
key pair for the encryption server system;" in '875 (The public/private key pair is 
ECC public/private key pair) 

"under control of a client system, requesting an encryption program from an encryption 
server system; requesting a server public key from an encryption server system; under 
the control of an encryption server system, transmitting an encryption program to a 
client system over a secure channel;" in '283 

"under control of a client system, requesting a Java.RTM. encryption applet from 
the encryption server system; under control of a client system, requesting a 
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Java.RTM. encryption applet from the encryption server system;" in '875 (The 
encryption program here is the Java.RTM. encryption applet) 

"transmitting a server public key to a client system over a secure channel; under control 
of a client system, receiving an encryption program from an encryption server system 
over a secure channel; receiving a server public key from an encryption server system 
over a secure channel;" in '283 

"requesting an encryption server system EEC public key from the encryption 
server system; under the control of the encryption server system, transmitting 
the Java.RTM. encryption applet to the client system over a secure channel; 
transmitting the encryption server system EEC public key to the client system 
over a secure channel;" in '875 

"installing an encryption program on a client system; running an encryption program on 
a client system to generate a symmetric key; encrypting a clear text object with a 
symmetric key, thereby creating a cipher text object; creating a relationship between a 
cipher text object and a symmetric key; encrypting symmetric key with an encryption 
server public key, thereby creating an encrypted symmetric key; creating a relationship 
between a cipher text object and an encrypted symmetric key; transmitting a cipher text 
object to an encryption server system; transmitting an encrypted symmetric key to an 
encryption server system; transmitting the relationship between a cipher text object and 
an encrypted symmetric key to an encryption server system; under the control of an 
encryption server system, storing a cipher text object in a storage medium; storing an 
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encrypted symmetric key in a storage medium; and storing the relationship between a 
cipher text object and an encrypted symmetric key in a storage medium." In 283 
"under control of a client system, receiving the Java.RTM. encryption applet from 
the encryption server system over a secure channel; receiving the encryption 
server system EEC public key from the encryption server system over a secure 
channel; installing the Java.RTM. encryption applet on the client system; running 
the Java.RTM. encryption applet on the client system to generate a Triple DES 
symmetric key; encrypting a clear text document with the Triple DES symmetric 
key, thereby creating a cipher text document; creating a relationship between the 
cipher text document and the Triple DES symmetric key; encrypting Triple DES 
symmetric key with the encryption server EEC public key, thereby creating an 
encrypted Triple DES symmetric key; creating a relationship between the cipher 
text document and the encrypted Triple DES symmetric key; transmitting the 
cipher text document to the encryption server system; transmitting the encrypted 
Triple DES symmetric key to the encryption server system; transmitting the 
relationship between the cipher text document and the encrypted Triple DES 
symmetric key to the encryption server system; under the control of the 
encryption server system, storing the cipher text document in a storage medium; 
storing the encrypted Triple DES symmetric key in a storage medium; and storing 
the relationship between the cipher text document and the encrypted Triple DES 
symmetric key in a storage medium." in '875 (the symmetric key in '283 is claimed 
more specifically as a Triple DES symmetric key). 
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28. "The exemplary Claim 19 in '283 is generic to the species of invention 
covered by claim 1 of the copending patent. Thus, the generic invention is 
"anticipated" by the species of the patented invention. Cf., Titanium 
Metals Corp. v. Banner, 778 F.2d 775, 227 USPQ 773 (Fed. Cir. 1985) 
(holding that an earlier species disclosure in the prior art defeats any 
generic claim) 4 . This court's predecessor has held that, without a terminal 
disclaimer, the species claims preclude issuance of the generic application. 
In re Van Ornum, 686 F.2d 937, 944, 214 USPQ 761, 767 (CCPA 1982); 
Schneller, 397 F.2d at 354. Accordingly, absent a terminal disclaimer, 
claims 12 and 13 were properly rejected under the doctrine of obviousness- 
type double patenting." 

(In re Goodman (CA FC) 29 USPQ2d 2010 (12/3/1993). 

29. Furthermore, there is no apparent reason why applicant would be prevented from 
presenting claims corresponding to those of the instant application in the other 
copending application. See In re Schneller, 397 F.2d 350, 158 USPQ 210 (CCPA 
1968). See also MPEP § 804. 



Conclusion 



30. Any inquiry concerning this communication from the examiner should be directed 
to Linh Son whose telephone number is (571 )-27 1-3856. 



31 . If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor Kim Y. Vu can be reached at (571 )-272-3859. The fax numbers for this 
group are (703)-872-9306 (official fax). Any inquiry of general nature or relating to the 
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status of this application or proceeding should be directed to the group receptionist 
whose telephone number is (571 )-272-2100. 

32. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval IPAIR.I system. Status information for 
published applications may be obtained from either Private PMR or Public PMR. Status 
information for unpublished applications is available through Private PMR only. For 
more information about the PAIR system, see http://pzr-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 




Linh LD Son 



Patent Examiner 



